From 118d56fc364a0931862a817cb1201ecb03fa69b9 Mon Sep 17 00:00:00 2001 From: Andrew Rioux Date: Sat, 15 Feb 2025 19:01:37 -0500 Subject: [PATCH] fix: got everything to compile --- Cargo.lock | 116 ++++++++++-------- flake.nix | 2 + packages.nix | 23 ++-- sparse-beacon/Cargo.toml | 9 +- sparse-beacon/src/lib.rs | 4 + sparse-handler/Cargo.toml | 4 +- sparse-handler/src/lib.rs | 2 + sparse-server/.cargo/config.toml | 3 +- ...1aff769f501f635bf897f1883e36703daa2e.json} | 6 +- sparse-server/Cargo.toml | 2 +- sparse-unix-beacon/Cargo.toml | 2 +- sparse-windows-beacon/Cargo.toml | 5 +- system-libs.nix | 15 +++ 13 files changed, 123 insertions(+), 70 deletions(-) rename sparse-server/.sqlx/{query-75816d6d1484350d4a1c37b6679237007868f10438ee9cbd7ae67eeaa345be0f.json => query-e2d2d105d18571ddb499e08a13dc1aff769f501f635bf897f1883e36703daa2e.json} (92%) diff --git a/Cargo.lock b/Cargo.lock index c8a7ed7..29fb645 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -234,31 +234,6 @@ version = "1.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ace50bade8e6234aa140d9a2f552bbee1db4d353f69b8217bc503490fc1a9f26" -[[package]] -name = "aws-lc-rs" -version = "1.12.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4c2b7ddaa2c56a367ad27a094ad8ef4faacf8a617c2575acb2ba88949df999ca" -dependencies = [ - "aws-lc-sys", - "paste", - "zeroize", -] - -[[package]] -name = "aws-lc-sys" -version = "0.25.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "71b2ddd3ada61a305e1d8bb6c005d1eaa7d14d903681edfc400406d523a9b491" -dependencies = [ - "bindgen", - "cc", - "cmake", - "dunce", - "fs_extra", - "paste", -] - [[package]] name = "axum" version = "0.7.9" 
@@ -564,15 +539,6 @@ dependencies = [ "vec_map", ] -[[package]] -name = "cmake" -version = "0.1.53" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e24a03c8b52922d68a1589ad61032f2c1aa5a8158d2aa0d93c6e9534944bbad6" -dependencies = [ - "cc", -] - [[package]] name = "codee" version = "0.2.0" @@ -957,12 +923,6 @@ version = "0.1.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "669a445ee724c5c69b1b06fe0b63e70a1c84bc9bb7d9696cd4f4e3ec45050408" -[[package]] -name = "dunce" -version = "1.0.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "92773504d58c093f6de2459af4af33faa518c13451eb8f2b5698ed3d36e7c813" - [[package]] name = "dyn-clone" version = "1.0.18" @@ -1084,6 +1044,21 @@ version = "0.1.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a0d2fde1f7b3d48b8395d5f2de76c18a528bd6a9cdde438df747bfcba3e05d6f" +[[package]] +name = "foreign-types" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f6f339eb8adc052cd2ca78910fda869aefa38d22d5cb648e6485e4d3fc06f3b1" +dependencies = [ + "foreign-types-shared", +] + +[[package]] +name = "foreign-types-shared" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b" + [[package]] name = "form_urlencoded" version = "1.2.1" @@ -1093,12 +1068,6 @@ dependencies = [ "percent-encoding", ] -[[package]] -name = "fs_extra" -version = "1.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "42703706b716c37f96a77aea830392ad231f44c9e9a67872fa5548707e11b11c" - [[package]] name = "futures" version = "0.3.31" 
@@ -2375,12 +2344,50 @@ version = "1.20.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1261fe7e33c73b354eab43b1273a57c8f967d0391e80353e51f764ac02cf6775" +[[package]] +name = "openssl" +version = "0.10.71" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5e14130c6a98cd258fdcb0fb6d744152343ff729cbfcb28c656a9d12b999fbcd" +dependencies = [ + "bitflags 2.8.0", + "cfg-if", + "foreign-types", + "libc", + "once_cell", + "openssl-macros", + "openssl-sys", +] + +[[package]] +name = "openssl-macros" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.96", +] + [[package]] name = "openssl-probe" version = "0.1.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d05e27ee213611ffe7d6348b942e8f942b37114c00cc03cec254295a4a17852e" +[[package]] +name = "openssl-sys" +version = "0.9.106" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8bb61ea9811cc39e3c2069f40b8b8e2e70d8569b361f879786cc7ed48b777cdd" +dependencies = [ + "cc", + "libc", + "pkg-config", + "vcpkg", +] + [[package]] name = "or_poisoned" version = "0.1.0" @@ -2987,8 +2994,6 @@ version = "0.23.23" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "47796c98c480fce5406ef69d1c76378375492c3b0a0de587be0c1d9feb12f395" dependencies = [ - "aws-lc-rs", - "log", "once_cell", "ring", "rustls-pki-types", @@ -3009,6 +3014,19 @@ dependencies = [ "security-framework", ] +[[package]] +name = "rustls-openssl" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ad6baac2596417ed1ac329842cc9ab22d90fbbc3c59612ecd74d783b1df26523" +dependencies = [ + "once_cell", + "openssl", + "openssl-sys", + "rustls", + "rustls-webpki", +] + [[package]] name = "rustls-pemfile" version = "2.2.0" 
@@ -3030,7 +3048,6 @@ version = "0.102.8" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "64ca1bc8749bd4cf37b5ce386cc146580777b4e8572c7b97baf22c83f444bee9" dependencies = [ - "aws-lc-rs", "ring", "rustls-pki-types", "untrusted", @@ -3382,6 +3399,7 @@ dependencies = [ "pin-project", "rand 0.9.0", "rustls", + "rustls-openssl", "simple_logger", "smoltcp", "sparse-actions", diff --git a/flake.nix b/flake.nix index d85d359..adcd898 100644 --- a/flake.nix +++ b/flake.nix @@ -200,6 +200,8 @@ # No point adding above environment variables, since web server can't # be built with windows tools available + + OPENSSL_DIR = system-libs.win-openssl; }); freebsd = craneLib.devShell (buildEnvironment // { diff --git a/packages.nix b/packages.nix index d7f7534..5c7ad66 100644 --- a/packages.nix +++ b/packages.nix @@ -1,5 +1,5 @@ { pkgs, buildTools, buildEnvironment, craneLib, advisory-db, winpcap-libs -, winpcap-drivers, freebsd-libs, libnl, libcap, libpcap-linux-musl +, winpcap-drivers, win-openssl, freebsd-libs, libnl, libcap, libpcap-linux-musl , libpcap-linux-gnu, libpcap-freebsd }: let patch-elf = header: drv: path: @@ -103,7 +103,7 @@ let linuxArgs = commonArgs // { nativeBuildInputs = buildTools.linux ++ (with pkgs; [ musl ]); - #RUSTFLAGS = "-Ctarget-feature=+crt-static"; + RUSTFLAGS = "-Ctarget-feature=+crt-static"; }; freebsdArgs = commonArgs // { @@ -123,9 +123,11 @@ let doCheck = false; nativeBuildInputs = buildTools.linux ++ buildTools.windows; + + OPENSSL_DIR = win-openssl; }; - gnuLinuxCargoArtifacts = craneLib.buildDepsOnly (linuxArgs // { + gnuLinuxCargoArtifacts = craneLib.buildDepsOnly (commonArgs // { nativeBuildInputs = buildTools.linux ++ (with pkgs; [ glibc.static ]); name = "sparse-deps-gnu-linux"; cargoExtraArgs = 
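Review bot: The dependency-only build and the final server build now start from different argument sets: the `@@ -123,9 +123,11 @@` hunk moves `gnuLinuxCargoArtifacts` to `commonArgs`, while the later `@@ -286,14 +289,14 @@` hunk moves `sparse-server` to `linuxArgs` and the `@@ -309,6 +312,8 @@` hunk then cancels the inherited flag with `RUSTFLAGS = "";`. From the visible lines `linuxArgs` only adds `nativeBuildInputs` and `RUSTFLAGS`, and `sparse-server` overrides both, so keeping `craneLib.mkCargoDerivation (commonArgs // {` and dropping the `RUSTFLAGS = "";` line would describe the same build without the override pair. If the empty value is intentional, it deserves a comment: as far as I know cargo lets a set `RUSTFLAGS` variable, even an empty one, take precedence over `rustflags` entries in `.cargo/config.toml`. `commonArgs` itself is defined outside these hunks, so this is inferred.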
@@ -135,6 +137,7 @@ let name = "sparse-deps-linux"; cargoExtraArgs = "--target=x86_64-unknown-linux-musl --locked -p sparse-unix-beacon -p sparse-unix-installer"; + RUSTFLAGS = "-Ctarget-feature=+crt-static"; }); freebsdCargoArtifacts = craneLib.buildDepsOnly (freebsdArgs // { name = "sparse-deps-freebsd"; @@ -180,7 +183,7 @@ let fileSetForBeaconCrate ./sparse-windows-beacon ./sparse-windows-infector; CARGO_BUILD_TARGET = "x86_64-pc-windows-gnu"; - CARGO_BUILD_RUSTFLAGS = "-Ctarget-feature=+crt-static"; + # CARGO_BUILD_RUSTFLAGS = "-Ctarget-feature=+crt-static"; }); sparse-beacon-windows-svc = craneLib.buildPackage (windowsArgs // { @@ -191,7 +194,7 @@ let fileSetForBeaconCrate ./sparse-windows-beacon ./sparse-windows-infector; CARGO_BUILD_TARGET = "x86_64-pc-windows-gnu"; - CARGO_BUILD_RUSTFLAGS = "-Ctarget-feature=+crt-static"; + # CARGO_BUILD_RUSTFLAGS = "-Ctarget-feature=+crt-static"; }); linux-loader = pkgs.stdenv.mkDerivation { @@ -286,14 +289,14 @@ let SPARSE_LIBRARY = "${sparse-beacon-windows}/lib/sparse_windows_beacon.dll"; }); - sparse-server = craneLib.mkCargoDerivation (commonArgs // { + sparse-server = craneLib.mkCargoDerivation (linuxArgs // { src = fileSetForWebCrate; cargoArtifacts = gnuLinuxCargoArtifacts; nativeBuildInputs = buildTools.linux ++ (with pkgs; [ glibc.static ]); - name = "sparse-server-webclient"; - pname = "sparse-server-webclient"; + name = "sparse-server"; + pname = "sparse-server"; buildPhaseCargoCommand = '' cargo leptos build \ @@ -309,6 +312,8 @@ let ''; doCheck = false; + RUSTFLAGS = ""; + SPARSE_INSTALLER_LINUX = "${sparse-installer-linux}/bin/sparse-unix-installer"; SPARSE_INSTALLER_FREEBSD = @@ -342,6 +347,8 @@ let linux-loader freebsd-loader-sysv sparse-installer-linux sparse-installer-freebsd sparse-installer-windows; + inherit freebsd-zig-libc; + default = sparse-server; }; checks = outputs.packages // { diff --git a/sparse-beacon/Cargo.toml b/sparse-beacon/Cargo.toml index 936a1f6..70a2e51 100644 
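Review bot: The `@@ -180,7 +183,7 @@` and `@@ -191,7 +194,7 @@` hunks turn `CARGO_BUILD_RUSTFLAGS = "-Ctarget-feature=+crt-static";` into a comment without saying why, so the next reader cannot tell whether static CRT linking was dropped on purpose or only to get the build through. Either delete the two lines or keep them with the reason attached, e.g. `# crt-static disabled: <reason>`. If the change is a consequence of the new `OPENSSL_DIR = win-openssl;` setting in `windowsArgs`, the comment should say that. Both derivations start and end outside their hunks.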
--- a/sparse-beacon/Cargo.toml +++ b/sparse-beacon/Cargo.toml @@ -14,8 +14,9 @@ tracing = "0.1.41" rand = "0.9.0" pin-project = "1.1.9" hyper-util = { version = "0.1.10", features = ["client", "client-legacy", "http1", "http2", "service", "tokio"] } -hyper-rustls = { version = "0.27.5", default-features = false, features = ["http1", "http2", "native-tokio", "ring"] } -rustls = { version = "0.23.23", default-features = false, features = ["ring", "std"] } +hyper-rustls = { version = "0.27.5", default-features = false, features = ["http1", "http2", "native-tokio"] } +rustls = { version = "0.23.23", default-features = false, features = ["std"] } +rustls-openssl = { version = "0.2", optional = true, default-features = false } tower-service = "0.3.3" futures = "0.3.31" simple_logger = "5.0.0" @@ -26,3 +27,7 @@ http-body-util = "0.1.2" pcap-sys = { version = "0.1.0", path = "../pcap-sys" } sparse-actions = { version = "2.0.0", path = "../sparse-actions" } packets = { version = "0.1.0", path = "../packets" } + +[features] +openssl = ["dep:rustls-openssl"] +ring = ["rustls/ring", "hyper-rustls/ring"] diff --git a/sparse-beacon/src/lib.rs b/sparse-beacon/src/lib.rs index 59613f1..b359a00 100644 --- a/sparse-beacon/src/lib.rs +++ b/sparse-beacon/src/lib.rs @@ -11,6 +11,10 @@ pub mod adapter; pub mod error; pub use error::BeaconError; +pub fn install_rustls() { + +} + pub async fn run_beacon_step( host_adapter: A, params: Parameters, diff --git a/sparse-handler/Cargo.toml b/sparse-handler/Cargo.toml index 3db8e40..956f213 100644 --- a/sparse-handler/Cargo.toml +++ b/sparse-handler/Cargo.toml 
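Review bot: The new `[features]` table has no `default` entry and `ring` is no longer in the unconditional feature lists of `rustls` and `hyper-rustls`, so building `sparse-beacon` on its own (for example `cargo check -p sparse-beacon`) compiles rustls with no crypto provider at all. Nothing prevents `openssl` and `ring` from being enabled together either, which can happen through feature unification when both beacon crates are built in one workspace invocation. A comment above the table would state the contract, e.g. `# Enable exactly one TLS crypto backend from the dependent crate; there is no default.`. A `compile_error!` in `src/lib.rs` under `#[cfg(not(any(feature = "openssl", feature = "ring")))]` would report the misconfiguration at build time rather than when the first TLS configuration is constructed.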
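Review bot: `install_rustls` is added as an empty, undocumented public function, so a caller that invokes it gets no crypto provider installed even though the manifest now leaves provider selection to the `openssl` and `ring` features. Either give it a body that installs the provider matching the enabled feature, or leave it out of the public API until it does something. For the `ring` build the body could be `let _ = rustls::crypto::ring::default_provider().install_default();` under `#[cfg(feature = "ring")]`, with the `rustls_openssl::default_provider()` equivalent under `#[cfg(feature = "openssl")]`. A doc comment should say that it must be called once, before any TLS configuration is built.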
@@ -13,7 +13,7 @@ tracing = "0.1" sqlx = { version = "0.8", default-features = false, features = ["chrono", "macros", "migrate", "runtime-tokio", "sqlite", "sqlx-sqlite"] } serde = "1.0" serde_json = "1.0" -axum-server = { version = "^0.7", features = ["tokio-rustls", "tls-rustls"] } -rustls = "0.23" +axum-server = { version = "^0.7", features = ["tokio-rustls", "tls-rustls-no-provider"] } +rustls = { version = "0.23", default-features = false, features = ["ring", "std"] } rcgen = "0.13.2" rustls-pki-types = "1.11.0" diff --git a/sparse-handler/src/lib.rs b/sparse-handler/src/lib.rs index f373495..ba67fee 100644 --- a/sparse-handler/src/lib.rs +++ b/sparse-handler/src/lib.rs @@ -40,6 +40,8 @@ pub async fn start_all_listeners( beacon_listener_map: BeaconListenerMap, db: SqlitePool, ) -> Result<(), crate::error::Error> { + rustls::crypto::ring::default_provider().install_default().expect("could not set up rustls"); + let listener_ids = sqlx::query!("SELECT listener_id FROM beacon_listener") .fetch_all(&db) .await?; diff --git a/sparse-server/.cargo/config.toml b/sparse-server/.cargo/config.toml index 9bc21cb..2de063a 100644 --- a/sparse-server/.cargo/config.toml +++ b/sparse-server/.cargo/config.toml @@ -2,8 +2,7 @@ rustflags = ["-C", "link-arg=-fuse-ld=mold"] [target.x86_64-unknown-linux-gnu] -linker = "clang" -rustflags = ["-Ctarget-feature=+crt-static", "--cfg=has_std", "-C", "link-arg=-fuse-ld=mold"] +#rustflags = ["-Ctarget-feature=+crt-static", "--cfg=has_std", "-C", "link-arg=-fuse-ld=mold"] [unstable] build-std = ["std", "panic_abort", "core", "alloc"] 
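Review bot: `install_default()` returns `Err` when a process-wide provider is already installed, so the added `.expect("could not set up rustls")` turns a second call to `start_all_listeners`, or a provider installed earlier by the embedding binary or a test, into a panic inside a function that otherwise reports failures through its `Result`. Ignoring the already-installed case is enough here: `let _ = rustls::crypto::ring::default_provider().install_default();`. Because the `sparse-server/Cargo.toml` hunk makes the same switch to `tls-rustls-no-provider`, any TLS setup in the server that runs before this function would find no provider, so installing it once at program start may be the more robust place. The function body continues outside the hunk.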
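Review bot: The `[target.x86_64-unknown-linux-gnu]` table is left holding only a commented-out `rustflags` line, and `linker = "clang"` is removed while the `rustflags` entry at the top of the hunk still passes `link-arg=-fuse-ld=mold`. That argument now goes to whichever linker driver the toolchain picks by default, which has to understand `-fuse-ld=mold`; this is worth confirming on a machine outside the Nix shell. Delete the dead line, or replace it with a comment that records the reason, e.g. `# crt-static disabled for the gnu target: <reason>`. The table that owns the first `rustflags` entry is declared above the hunk.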
diff --git a/sparse-server/.sqlx/query-75816d6d1484350d4a1c37b6679237007868f10438ee9cbd7ae67eeaa345be0f.json b/sparse-server/.sqlx/query-e2d2d105d18571ddb499e08a13dc1aff769f501f635bf897f1883e36703daa2e.json similarity index 92% rename from sparse-server/.sqlx/query-75816d6d1484350d4a1c37b6679237007868f10438ee9cbd7ae67eeaa345be0f.json rename to sparse-server/.sqlx/query-e2d2d105d18571ddb499e08a13dc1aff769f501f635bf897f1883e36703daa2e.json index 4a5166e..6a9b1ad 100644 --- a/sparse-server/.sqlx/query-75816d6d1484350d4a1c37b6679237007868f10438ee9cbd7ae67eeaa345be0f.json +++ b/sparse-server/.sqlx/query-e2d2d105d18571ddb499e08a13dc1aff769f501f635bf897f1883e36703daa2e.json @@ -1,6 +1,6 @@ { "db_name": "SQLite", - "query": "SELECT operating_system, source_ip, source_mac, source_mode, source_netmask,\n source_gateway, port, public_ip, domain_name, certificate, client_cert, client_key,\n source_interface\n FROM beacon_template JOIN beacon_listener", + "query": "SELECT operating_system, source_ip, source_mac, source_mode, source_netmask,\n source_gateway, port, public_ip, domain_name, certificate, client_cert, client_key,\n source_interface\n FROM beacon_template JOIN beacon_listener\n WHERE template_id = ?", "describe": { "columns": [ { @@ -70,7 +70,7 @@ } ], "parameters": { - "Right": 0 + "Right": 1 }, "nullable": [ false, @@ -88,5 +88,5 @@ true ] }, - "hash": "75816d6d1484350d4a1c37b6679237007868f10438ee9cbd7ae67eeaa345be0f" + "hash": "e2d2d105d18571ddb499e08a13dc1aff769f501f635bf897f1883e36703daa2e" } diff --git a/sparse-server/Cargo.toml b/sparse-server/Cargo.toml index d39a79d..3892f01 100644 --- a/sparse-server/Cargo.toml +++ b/sparse-server/Cargo.toml 
@@ -20,7 +20,7 @@ tower-http = { version = "0.5", features = ["fs", "compression-br", "compression wasm-bindgen = "0.2" thiserror = "1" http = "1" -axum-server = { version = "^0.7", features = ["tokio-rustls", "tls-rustls"], optional = true } +axum-server = { version = "^0.7", features = ["tokio-rustls", "tls-rustls-no-provider"], optional = true } tracing-subscriber = { version = "0.3", features = ["chrono", "env-filter", "serde", "tracing", "tracing-serde"], optional = true } structopt = { version = "0.3", optional = true } anyhow = "1.0" diff --git a/sparse-unix-beacon/Cargo.toml b/sparse-unix-beacon/Cargo.toml index 8bcf51f..3445b15 100644 --- a/sparse-unix-beacon/Cargo.toml +++ b/sparse-unix-beacon/Cargo.toml @@ -10,7 +10,7 @@ async-trait = "0.1.86" tokio = { version = "1.43.0", features = ["fs", "macros", "rt"] } thiserror = "2.0.11" -sparse-beacon = { version = "0.7.0", path = "../sparse-beacon" } +sparse-beacon = { version = "0.7.0", path = "../sparse-beacon", features = ["ring"] } sparse-actions = { version = "2.0.0", path = "../sparse-actions" } [target.'cfg(target_os = "linux")'.dependencies] diff --git a/sparse-windows-beacon/Cargo.toml b/sparse-windows-beacon/Cargo.toml index 5ddc053..a90e5be 100644 --- a/sparse-windows-beacon/Cargo.toml +++ b/sparse-windows-beacon/Cargo.toml @@ -9,8 +9,6 @@ crate-type = ["cdylib"] [dependencies] anyhow = "1.0.95" async-trait = "0.1.86" -sparse-actions = { version = "2.0.0", path = "../sparse-actions" } -sparse-beacon = { version = "0.7.0", path = "../sparse-beacon" } thiserror = "2.0.11" tokio = { version = "1.43.0", features = ["fs", "io-std", "io-util", "rt-multi-thread", "sync"] } windows = { version = "0.59.0", features = ["Win32_NetworkManagement_IpHelper", "Win32_NetworkManagement_Ndis", "Win32_Networking_WinSock", "Win32_System_LibraryLoader", "Win32_System_SystemServices", "Win32_UI_WindowsAndMessaging"] } 
@@ -18,5 +16,8 @@ windows-result = "0.3.0" windows-strings = "0.3.0" winreg = "0.55" +sparse-actions = { version = "2.0.0", path = "../sparse-actions" } +sparse-beacon = { version = "0.7.0", path = "../sparse-beacon", features = ["openssl"] } + [features] service = [] diff --git a/system-libs.nix b/system-libs.nix index 1e0ffcf..2c34eb2 100644 --- a/system-libs.nix +++ b/system-libs.nix @@ -47,6 +47,21 @@ in { ''; }; + win-openssl = with pkgs.pkgsCross.mingwW64; + pkgs.stdenv.mkDerivation { + name = "win-openssl"; + + buildInputs = with pkgs; [ gnutar ]; + + unpackPhase = '' + mkdir -p $out + + cp -r ${openssl.out}/* $out + chmod -R +rwx $out + cp -r ${openssl.dev}/* $out + ''; + }; + libnl = pkgs.stdenv.mkDerivation { name = "libnl-static";
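Review bot: The `win-openssl` derivation does its copying in `unpackPhase`, lists `gnutar` in `buildInputs` without using it, and marks every copied file executable with `chmod -R +rwx $out` although only write permission is needed for the second `cp`. `chmod -R u+w $out` is sufficient, and `pkgs.symlinkJoin { name = "win-openssl"; paths = [ openssl.out openssl.dev ]; }` should merge the two outputs without a custom phase. A one-line comment saying that the merge exists to give `OPENSSL_DIR` a single prefix containing both `lib` and `include` would explain why the derivation is there. The surrounding attribute set continues outside the hunk.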